Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32332d3234203d3e203432333636.roa
File: 3135352e3133332e32302e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: AAdL0nNrop+I0x5LcVApE1kz1G0SXFQP6fvOzzLAMoo=
Subject key identifier: 5C:55:95:9D:66:D5:72:C4:B0:34:C2:AC:76:D3:88:54:1F:81:A4:64
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7339A8783DAA1C481CC5DDD556B9911E12938A3F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32332d3234203d3e203432333636.roa
Signing time: Tue 25 Apr 2023 17:56:23 +0000
ROA not before: Tue 25 Apr 2023 17:51:23 +0000
ROA not after: Tue 23 Apr 2024 17:56:23 +0000
asID: 42366
IP address blocks: 155.133.20.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:39:a8:78:3d:aa:1c:48:1c:c5:dd:d5:56:b9:91:1e:12:93:8a:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 25 17:51:23 2023 GMT
Not After : Apr 23 17:56:23 2024 GMT
Subject: CN=5C55959D66D572C4B034C2AC76D388541F81A464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cd:ca:93:33:56:57:11:e0:e8:7e:0e:48:0a:
53:52:cb:f4:20:7d:a9:86:99:97:e9:9d:40:b7:e3:
65:93:3f:9f:04:d0:c0:be:19:66:08:8d:fd:f1:10:
a0:7d:84:28:c6:d2:a1:fb:66:73:34:c2:13:b8:25:
2d:8f:4b:e1:80:ba:b6:55:bf:91:48:fb:8f:c4:bf:
fc:a3:bd:df:8d:66:68:c4:82:76:59:ea:4e:89:49:
16:1d:31:e9:a8:71:c5:f5:35:38:bf:c3:8d:02:21:
58:f4:ee:f3:af:56:a3:af:a5:4b:8e:33:7d:81:35:
27:bd:89:49:1d:a8:a3:6a:82:bc:5b:b6:7c:90:9e:
a2:23:5a:a6:51:55:e4:50:8b:9d:d2:e1:f7:b4:f7:
61:70:6a:71:87:b3:5c:43:d4:5a:a3:92:00:13:d3:
c1:a4:9c:85:17:d8:ae:65:22:2d:d9:c3:0c:a4:3a:
df:33:dd:c4:20:af:0e:6f:ab:64:18:bc:3a:f9:d9:
1d:c6:f7:49:e4:67:14:fc:18:b5:82:6e:51:16:81:
a2:51:a4:64:ef:e9:18:1c:f2:62:80:d1:16:1f:50:
6f:38:94:2b:b8:14:0d:fd:64:30:4f:33:44:29:15:
79:4a:ed:80:fb:16:f8:ca:67:35:9c:14:73:d4:22:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:55:95:9D:66:D5:72:C4:B0:34:C2:AC:76:D3:88:54:1F:81:A4:64
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.20.0/23
Signature Algorithm: sha256WithRSAEncryption
73:b9:c8:df:6c:c3:09:30:14:b1:a2:28:c5:16:73:64:5a:1e:
ea:27:11:3c:3a:96:c3:97:f4:b6:19:d0:57:19:48:39:8a:bf:
dc:0c:10:61:c5:1c:e8:8b:35:0e:ba:46:c2:8c:0f:d3:2d:0e:
f9:00:b2:3a:57:ed:72:a7:8f:4c:20:9d:f0:f8:7a:b8:ca:bb:
07:f7:4a:c1:0d:bc:86:2d:fe:e6:2f:f1:84:48:14:89:51:3d:
82:ec:0e:91:9c:0b:22:d2:bb:0b:c4:4d:0c:08:30:e9:22:0f:
30:b6:fb:09:06:3b:51:73:7c:b9:9d:13:9b:c3:c3:70:20:1d:
47:0f:b2:ae:48:e0:00:78:46:75:6f:c7:8c:27:c5:ec:64:8d:
de:5e:30:3a:94:f5:15:7a:57:2a:81:54:a1:9b:44:ba:4f:9c:
ad:a3:0e:7f:e9:77:a7:75:4a:1b:89:fa:3c:5a:73:fd:94:a0:
b9:6e:b3:4d:38:54:d8:ec:73:33:18:51:29:81:f7:ff:0f:43:
3a:25:5e:82:34:1c:a8:f6:4e:3d:6d:f1:c6:2d:f3:fe:da:94:
55:53:e4:6c:58:ba:c7:63:12:83:39:0f:4c:6d:f2:b4:86:58:
87:0f:ef:89:63:df:33:aa:a0:33:55:cb:77:e7:cf:33:24:09:
eb:0b:ad:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUczmoeD2qHEgcxd3VVrmRHhKTij8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA0MjUxNzUxMjNaFw0yNDA0MjMxNzU2MjNaMDMxMTAvBgNV
BAMTKDVDNTU5NTlENjZENTcyQzRCMDM0QzJBQzc2RDM4ODU0MUY4MUE0NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzcqTM1ZXEeDofg5IClNSy/Qg
famGmZfpnUC342WTP58E0MC+GWYIjf3xEKB9hCjG0qH7ZnM0whO4JS2PS+GAurZV
v5FI+4/Ev/yjvd+NZmjEgnZZ6k6JSRYdMemoccX1NTi/w40CIVj07vOvVqOvpUuO
M32BNSe9iUkdqKNqgrxbtnyQnqIjWqZRVeRQi53S4fe092FwanGHs1xD1FqjkgAT
08GknIUX2K5lIi3ZwwykOt8z3cQgrw5vq2QYvDr52R3G90nkZxT8GLWCblEWgaJR
pGTv6Rgc8mKA0RYfUG84lCu4FA39ZDBPM0QpFXlK7YD7FvjKZzWcFHPUIgGBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUXFWVnWbVcsSwNMKsdtOIVB+BpGQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMy
MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
m4UUMA0GCSqGSIb3DQEBCwUAA4IBAQBzucjfbMMJMBSxoijFFnNkWh7qJxE8OpbD
l/S2GdBXGUg5ir/cDBBhxRzoizUOukbCjA/TLQ75ALI6V+1yp49MIJ3w+Hq4yrsH
90rBDbyGLf7mL/GESBSJUT2C7A6RnAsi0rsLxE0MCDDpIg8wtvsJBjtRc3y5nROb
w8NwIB1HD7KuSOAAeEZ1b8eMJ8XsZI3eXjA6lPUVelcqgVShm0S6T5ytow5/6Xen
dUobifo8WnP9lKC5brNNOFTY7HMzGFEpgff/D0M6JV6CNByo9k49bfHGLfP+2pRV
U+RsWLrHYxKDOQ9MbfK0hliHD++JY98zqqAzVct3588zJAnrC61r
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:11 2024 by rpki-client on console-ams.rpki-client.org